 |
|
| OUHSC Information Technology Department |
|
|
|
  |
Security Incident Reporting Policy: Supporting documents: Full policy - Standard - Process - Procedures - Form All suspected information security incidents must be reported promptly to the appropriate university office or party. Information Technology will define standard methods for identifying, reporting, and responding to information security incidents. See Incident reporting procedures for how to report an incident. Incident Reporting Standards (Draft): Users must report information security incidents to the local support provider for that specific IT device or resource. In circumstances where the user is also the local support provider the user is obligated to follow the procedures listed under "Local Support Provider," below. Local support providers must collect appropriate information about the devices or resources that were compromised, disconnect affected IT devices from the network (where appropriate), and notify the IT service desk or IT security personnel about the incident and the action taken. Refer to the incident report form. Upon performing remedial actions, send mail notification to security personnel at IT-Security@ouhsc.edu or call (405) 271-2476 for accurate closure of the incident. Notify affected user of remedial steps taken, recommended mitigating activities and other appropriate information. IT Service Desk or Security personnel must open and maintain information security incident tickets, contact users and local support providers for the compromised devices about any actions needed, the reasons why, and how to reestablish service. The IT Service Desk or IT Security may initiate escalation procedures to the appropriate office or party. The IT Service Desk should handle incident reporting for students and enterprise applications such as e-mail and the network. |
 |
|
|
 |
 Copyright © 2006 The Board of Regents of the University of Oklahoma, All Rights Reserved.-
Disclaimer | Copyright |
